You can liken Lulzsec to Sinn Fein (http://en.wikipedia.org/wiki/Sinn_F%C3%A9in) to some degree with Barrett Brown at the top of Anonymous (Irish Republican Army) and LulzSec as the small militant wing (offshoot of the IRA) that the leadership can give covert direction to while denying a direct connection or position of influence over. Barrett Brown conviently denies alignment with Anonymous from time to time but is truly their defacto leader. LulzSec is largely the ultra-militant wing that takes little direction from anyone but searches for new targets everyday. They are lawless. They do have a leader amongst them that they defer to. Someone with street credentials who has a track record for hacking and is revered for such.
Lulzsec wants to extort information, valuable technology, blackmail and coerce. They understand the psychological control mechanism associated with the Stockholm syndrome. In this case, the threat to fully expose information illegally acquired. They believe they can be a threat to the commercial life of an organization and some form of kindness, usually misinterpreted as such by the victim (during the extortion/blackmail process), shown by the perpetrators leads to the organizational survival of the captive’s basic needs. Their actions are much akin to rape. Gratification comes from gaining power and control and discharging anger. This gratification is only temporary, so the rapist seeks another victim. Their goal is to capture, overpower and control their victims. It is clear that the offenders gain pleasure knowing that their victims are helpless and suffering because of them.
Further to, they are relatively sharp in their genre' and probably grew up with this stuff. Most likely gamers who didn’t get out much and are social misfits. Introverts with pale faces who only associated with their own groups in high school. Usually, non-athletic types who excelled in computer classes, math and not much else and were picked on by the jocks and shunned by others. Some may have been savant types with respect to math and computers who grew bored later in high school and started to look inward with grades dropping while getting into trouble; acting out to get attention. They probably came from middle/upper middle class where daddy is away a lot and mommy works too. The perpetrators are skilled in the art of cyber anonymity yet stupid when it comes to holding online meetings. They are not to be trifled with and are well versed in the arts and sciences of hacking and deception but their skills are not as good as they make out to be. It is just that IT really sucks and most CIOs and many CISOs are clueless in protecting infrastructures. They all need to go.
The idea is that it is difficult to fully know and trust more than a certain number of people, and Anonymous has far exceeded this number. The ideology that once was the calling card for Anonymous seems to be sullied and dragged through the mud (freedom of speech). This instance demonstrates that freedom of speech is no longer their motto. They may claim to be a separate group and this in fact may be true. However, it is also true that they were and may still be some of the core members of Anonymous. The difference with this group is they are cyber bullies and thugs. They have no code. They seem to think they do but they are on a power trip of epic proportions. They are sophomoric in their approach (defacements and disclosures with impact), yet drive significant fear whereby few if any information security companies are coming out against them. They are in gamer God mode right now. They believe they are entitled to something and when they can’t get it, they call their targets names. Psychologically speaking they are stuck in the ID stage.
What is most disturbing at this point in the game is that other such organizations have suffered the same fate. If the perpetrators claims are in fact true, that they have extorted others who have kept quiet. What data or intellectual property did the other victims give and are still giving to the blackmailers? What access to sensitive technology has fallen prey to this group? Have these organizations sold their souls for silence? Are these other victims security firms? And the security firms continue to perpetuate the problems selling crap that doesn’t work (anti-virus which is dead) since the market still generates scores of millions as they lie to the public. The same companies that get hacked; the same people from these companies who sit on boards and councils at the government / commercial level spouting the same tired shit. They all need to go.
They keep screwing with the black arts such as ManTech, the CIA, Iran and others and they will be dead soon. Fuck with the bull too often and the bull will eventually grow tired of the fly on its tail… They are trying to create a busybox and only give the idea to others who can handle the thousands of lines of code. Most likely the big boys have had this down for years. They triffle with nitro …
Their overt deception is to make themselves out to be more that what they are. Their major skills are SQL-injection attacks which is nothing more than exploitation of poor configurations. Something every CIO should have their ass kicked for. Larger than life and to be feared. It goes directly against the principles of ‘freedom of speech’ since they wish to embarrass organizations into censorship. I am sure they are not readers of Carl von Clausewitz who said:
“The great uncertainty of all data in war is a peculiar difficulty, because all action must, to a certain extent, be planned in a mere twilight, which in addition not infrequently — like the effect of a fog or moonshine — gives to things exaggerated dimensions and unnatural appearance.
But they are creating a fog and fear that is causing many companies to run scared. But in this fog are the security companies and CIOs and CISOs (who should not be CISOs) who generate so much bullshit that no one can tell who is right and who is wrong. In most cases, they are all wrong. They all live for the moment and all want to be heros when in fact, they are the rubes who cause the issues to begin with.
Sir Winston Churchill said what I think sums up the current situation for those who truly get it:
If you will not fight for right when you can easily win without bloodshed; if you will not fight when your victory is sure and not too costly; you may come to the moment when you will have to fight with all the odds against you and only a precarious chance of survival. There may even be a worse case. You may have to fight when there is no hope of victory, because it is better to perish than to live as slaves.
